An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.QuTScloud c5.1.x is not affected. We have already fixed the vulnerability in the follo...
8.8CVSS
8.8AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:Video Station 5.7.0 ( 2023/07/27 ) and later
8.8CVSS
8.7AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:Video Station 5.7.0 ( 2023/07/27 ) and later
5.4CVSS
5.7AI Score
0.0005EPSS